Secunia Security Advisory - Debian has issued an update for acidlab. This fixes some vulnerabilities, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks. For more information: SA17552
90950bec3cf0fb9158e1998b26b9e7400458c85db8c9d9b3b1020b04523c1f58
TITLE:
Debian update for acidlab
SECUNIA ADVISORY ID:
SA17558
VERIFY ADVISORY:
http://secunia.com/advisories/17558/
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting, Manipulation of data
WHERE:
>From remote
OPERATING SYSTEM:
Debian GNU/Linux 3.0
http://secunia.com/product/143/
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/
DESCRIPTION:
Debian has issued an update for acidlab. This fixes some
vulnerabilities, which can be exploited by malicious users to conduct
SQL injection attacks and by malicious people to conduct cross-site
scripting attacks.
For more information:
SA17552
SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 3.0 alias woody --
Source archives:
http://security.debian.org/pool/updates/main/a/acidlab/acidlab_0.9.6b20-2.1.dsc
Size/MD5 checksum: 696 cef50f8f32342dae4d4a636514b45d67
http://security.debian.org/pool/updates/main/a/acidlab/acidlab_0.9.6b20-2.1.diff.gz
Size/MD5 checksum: 12025 9bd3d66dd5da335a2f6210fdabc71ffc
http://security.debian.org/pool/updates/main/a/acidlab/acidlab_0.9.6b20.orig.tar.gz
Size/MD5 checksum: 108889 ca7719cfed424c5173cdcd37b6299199
Architecture independent components:
http://security.debian.org/pool/updates/main/a/acidlab/acidlab_0.9.6b20-2.1_all.deb
Size/MD5 checksum: 120294 145ddf686a744238b0aee2bec82cb89e
-- Debian GNU/Linux 3.1 alias sarge --
Source archives:
http://security.debian.org/pool/updates/main/a/acidlab/acidlab_0.9.6b20-10.1.dsc
Size/MD5 checksum: 696 0bae590a4e21f77779ee5b904d5b7457
http://security.debian.org/pool/updates/main/a/acidlab/acidlab_0.9.6b20-10.1.diff.gz
Size/MD5 checksum: 352092 02346f1d88573440afe79e8e3eca13a7
http://security.debian.org/pool/updates/main/a/acidlab/acidlab_0.9.6b20.orig.tar.gz
Size/MD5 checksum: 108889 ca7719cfed424c5173cdcd37b6299199
Architecture independent components:
http://security.debian.org/pool/updates/main/a/acidlab/acidlab-doc_0.9.6b20-10.1_all.deb
Size/MD5 checksum: 275994 0382bf72c1ac0121f196d26b0d8462fb
http://security.debian.org/pool/updates/main/a/acidlab/acidlab-mysql_0.9.6b20-10.1_all.deb
Size/MD5 checksum: 4414 f78fc7c230991b9949cbd2eb5b0d54fc
http://security.debian.org/pool/updates/main/a/acidlab/acidlab-pgsql_0.9.6b20-10.1_all.deb
Size/MD5 checksum: 4416 3eaec77032a2c3e5044f3c649e802a5f
http://security.debian.org/pool/updates/main/a/acidlab/acidlab_0.9.6b20-10.1_all.deb
Size/MD5 checksum: 660860 9f6a40fc2f63e296c03029d04b92273c
-- Debian GNU/Linux unstable alias sid --
Fixed in versions 0.9.6b20-13 and 1.2.1-1.
ORIGINAL ADVISORY:
http://www.debian.org/security/2005/dsa-893
OTHER REFERENCES:
SA17552:
http://secunia.com/advisories/17552/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------